http://www.regnum.ru/english/749825.html
REGNUM News Agency
December 15, 2006

2006 marks a kind of anniversary: 15 years since a fraud with counterfeit advice notes, one of the major frauds in the history of world banking. It was about faked credit notes. As a result, in 1991-92, 400 billion rubles were embezzled from the Russian Central Bank. The results were truly catastrophic for Russia. The theft, unprecedented in world banking, was stopped by the joint effort of the Central Bank staff and the Russian company Ancort, which in a very short time managed to develop and install a system of cryptographic protection of the notes. As a result, despite continuing attempts by criminals, no fake credit note has made it possible to take money illegally from the Russian Central Bank. A REGNUM correspondent spoke about those events with the President of Ancort Co, Anatoly Klepov.

-=-

REGNUM: Mr. Klepov, the tragic death of Russia's Central Bank First Deputy Head Andrei Kozlov makes us speak again about the bygone events of the early 90s, when the Central Bank became the object of an unprecedented criminal attack known as the fake advice notes fraud. But only a few know that you and your company were directly involved in cutting short that fraud.

Yes, it is true that our work with the Central Bank started in 1992, at a very difficult moment, and has continued until now. Usually, cryptographic companies that provide for protection of information do not speak to the media commenting on their work with their clients, in order to observe confidentiality. But now, in connection with the murder of Andrei Kozlov, the indignation is very high. Many high-ranking officials gave their comments assessing such actions as lawlessness. The State Duma has established a special committee to investigate criminalization of banking systems, particularly in investigating this murder.
MP Nikolai Leonov, speaking on TV, directly stated that Kozlov's death was directly connected with fake advice notes; the Head of the Russian Audit Chamber, Sergey Stepashin, said the same. I think they are right. Andrei Kozlov was really occupied with investigation of the causes of those events. The thing is, the war started then is not over yet. And the problem is so important that I believe it is my duty to speak, even contrary to the official position of the Central Bank leadership, which opposes my statements to the press. I will not be talking about certain details of the Central Bank protection, but I will try to analyze the causes of the biggest fraud in the history of world banking in order to prevent such events from being repeated in banking as well as in other fields, state-run and commercial. Some typical mistakes committed in the organization of the Central Bank's information security can be seen in other institutions in Russia as well. There is no comprehensive understanding in the country today of what happened in Russia then. It is very important to prevent such fraud from taking place again and to establish solid protection against possible attacks by cyber criminals.

The reality is, in 1991-92 a cyber war broke out in Russia. Management of national strategic financial resources was partially taken under control by criminal subjects, but we are still unable to define clearly whether it was crime or, maybe, some external forces stood behind them and tried to destabilize the situation in Russia. For some time, they had managed to take under control vast financial flows of Russia's National Bank.

What is information war? The dictionary "War and Peace in Concepts and Definitions", edited by Dmitry Rogozin, gives its general attributes:

1. Damaging information systems, processes and critically important national resources.
2. Undermining of political and social systems.
3. Massive psychological pressure upon the population aimed at destabilization of society.

All those attributes were present in the case of the fake advice notes. Functioning of the National Bank information system was seriously damaged, practically right up to suspension of financial payments in the country. Awful inflation connected with massive embezzlement undermined people's trust in the democratic Russia and aggravated the social atmosphere. And the psychological campaign of intimidating the people with the help of the term "Chechen advice note" was necessary for them to instigate inter-ethnic discord inside Russia and for its division in the long run. From the technical point of view, all elements of information war were present. For instance, imposing false reports, listening-in and distortion of information, establishment of false points for information transmission and many other things, which now constitute the gist of current high-tech information wars.

REGNUM: Were the information systems of the Central Bank modern enough then? How did it happen that they were so vulnerable?

Problems of the Central Bank were typical enough for the whole former USSR. Information systems of the former Soviet Union were very well protected strategically, at the level of the government, the Central Committee of the Communist Party of the Soviet Union and others. However, on the tactical level, say, our troops in Afghanistan had great problems with information safety. For instance, encoding of information with the handwritten documents with which our troops were equipped took a comparatively long time, which is critical in operation. It brought about a situation in which army units exchanged information by so-called talking tables, where words like "shells" were replaced by "water-melons" and cartridges were called "cucumbers". Under current rules, the words taken from the talking tables were to be coded by handwritten encoding documents in order not to let the enemy determine the correct meaning of the words.
But it is hard to imagine how this can be done during operation, so the fruit-and-vegetable exchange of information was broadcast. Of course, after some time the enemy knew the correspondence between words and phrases and laid an ambush wherever they wanted to. Nobody knows for sure how many of our troops and officers died because of it. The situation was repeated in the Nagorno Karabakh and Chechen wars. Numerous stern decrees were issued to ban the use of talking tables without encoding, but, alas, if technical equipment does not correspond with the demands of reality, the human factor plays its tragic role.

This fruit coding played its role in the case of the fake advice notes. It can be said conditionally that protection of the exchange of financial advice notes between cash calculation centers was a tactical task for the Central Bank, practically the same as in the army. The whole political system generates one and the same errors, particularly technical ones. For the chief executive a whisper in the phone hanger is encoded, and for the ranks there are inconvenient coding tables. In the USSR it became apparent in everything, not only in the military. The legacy of Soviet times is a disrespectful attitude to the people who are fulfilling governmental tasks, be it military service or banking, which resulted in tremendous theft.

In cyber war the concept of a tactical unit is completely different from the one in a usual war; often setbacks in its protection can result in losing control over strategic information resources, which happened at the Central Bank. We encountered new concepts in the sphere of information wars, and the main one of them is that any information unit of our protection should be secured. Otherwise, a skilled cyber attack will give the enemy a brilliant opportunity to penetrate our information systems unnoticed and then destroy them.

As Interior Minister Rashid Nurgaliyev said recently, trillions of rubles were stolen then.
Evidently, from the technical point of view it was done very professionally. What were trillions of rubles for Russia in 1991-92? That was budget money. State-financed enterprises, first of all defense enterprises, received no money and started closing. In that period major companies ceased or suspended their functioning. Tens of thousands of bright technologists and engineers were ousted from work. First of all, the military industrial complex was damaged, not only production, but the scientific intelligentsia of Russia, who traditionally used to work in the defense industry. Healthcare financing and payment of pensions drastically decreased, a crisis happened to the financial system; all savings of the population burned in inflation. Life span decreased. Thus, if we sum up, the theft from the Central Bank was, in its economic consequences, comparable to a nuclear aggression against our country. It was a real cyber war, not just an act of cyber terrorism.

The embezzled money was taken abroad, and plants and factories were bought with it; this was how the financial basis for cyber terrorism was laid. Criminals understood they could have incredible money with the help of special technical means and started developing them. What the power of cyber terrorism is, we felt to the full extent in Chechnya, where special equipment was applied against our troops both in the first and the second wars in Chechnya. We contributed as much as we could to fighting cyber terrorism: we presented thousands of encoding units to police troops and Air Forces. Cyber terrorism is not only technical means; it often affects the administrative resource as well. We did not have a right to sell our encoding equipment officially in the quality our troops needed it, and we could give it to them as a present only.
Some of our governmental officials were indifferent to the death of troops and officers; the main thing was not to breach the instructions that they had prepared deriving from the principle of preserving their wealth in Moscow.

Naturally, cyber terrorism is not only a Russian phenomenon. For instance, al-Qaeda's cyber terrorism ended up with September 11. There is nothing strange in it. In Afghanistan, dushmans were with great attention examining US systems of interception of our aircraft and helicopter communication, information monitoring of military air bases including remote control of airplanes. Then, a vast interest was shown in numerous exhibitions of special equipment for interception and listening-in held in Russia in 1991-93. Combining US and Soviet technologies in the field of conducting information wars and receiving practical experience in Chechnya, al-Qaeda's terrorism entered the international arena.

I believe that no serious terror attack has been carried out nowadays without participation of cyber terrorists. As they carry out their actions at the highest technological level, they need to conduct preliminary research: they listen in to something, receive and process information and make a general analysis to determine the weak points. It is a mistake to believe that cyber terrorism attacks only computer networks or the internet. Its technical potential is much more extensive, which was shown by the recent war in Lebanon. It was not without reason that President Putin announced at a meeting with prosecutors that cyber terrorism is the main threat for the 21st century. There are weighty grounds for it.

REGNUM: Let us get back to the events of 1992. At some moment it became clear what was going on and the Central Bank leadership comprehended how it should secure its safety?

As then-chair of the Central Bank Viktor Gerashchenko said in his speech at the seventh congress of people's deputies, the financial system of the Central Bank was in collapse; practically, it was stopped. As one could have predicted, chaos awaited us, government reshuffle and so on. It became clear that we should protect ourselves immediately. But how? They were supposed to build a new well-protected system of 1,800 new branches of cash calculation centers and restore the Russian financial system soon. The Central Bank turned to us with this task.

REGNUM: Why was it you?

Because protection was to be done professionally, fast and for sure. And the most important thing: the equipment needed to be mass and not expensive. Like the Kalashnikov machine gun during the war. We could provide it, as we have a production plant in Zelenograd (not far from Moscow). We developed a unique cryptographic protection system. Some elements of the system have no analogs in the world. Each payment under an advice note was protected by a mini electronic digital signature. The notes could be sent via telex between the cash calculation centers. It is impossible to counterfeit such a payment.

When the work started, the Central Bank did not trust anyone. It was an unprecedented thing for a governmental agency, but, probably, there were grounds for it. The leadership of the bank felt that someone inside the Bank was working for criminals, so they decided to produce keys at the first stage at our office. At the next stages the Central Bank made the keys by itself. So, overall, the technical part of the assignment was done only by the Ancort company. We were supposed to deliver 6,000 encoders, work out unique cryptographic solutions for 1,800 clients of the network, rules of functioning of the network and many other things to secure the needed level of information protection of the Central Bank network.
Our company fulfilled its duty, and since December 1, 1992 the protection system of the Central Bank has been functioning. For more than 14 years nobody managed to counterfeit a Central Bank advice note technically.

Naturally, it was very, very insecure. We had no arms, but had to wear flak jackets. We came face to face with our enemies. Criminals came with guns and blockaded production of encoders, so we had to take them to a safe place; they brought plenty of money to bribe us, threatened us and urged us to give them the keys. But they were late, and we told them: "Whatever you do, gentlemen, it will be in vain: the system is launched, and you will never succeed in changing it."

On the other hand, governmental agencies suddenly recollected: how is protection of a state bank being secured without their knowledge; if something happens, they can be dismissed. They started criminal proceedings against the company's leadership on the charge of unsanctioned supply of equipment to the Central Bank. We turned for help to be protected from the crime, but we were told that if we hand over money to a very respectable governmental official, we shall have full protection. We rejected such proposals, which were in conflict with our position, which is clear-cut: we do not sell and do not denounce.

Those years of 1991-92 were the most controversial years of formation of the country, when the most important question was being decided: whether Russia will exist or whether we shall enter a civil war with unpredictable results. The whole burden of protection of the Central Bank finances was put on the shoulders of Russian women then. The Central Bank financial system consisted of 1,800 calculation centers all over Russia. Each center was to communicate with the others. So, each center was supposed to be equipped with a certain number of encoders and to train operators how to work with them. When we asked how many they were, we were told about 5,000 people.
We were to teach them how to work with encoders within two months to make the system operate. It was 5,000 female cryptographers, as mostly women were engaged in such activity at the bank. The history of the USSR and Russia has never seen this before. It is unbelievable, but the system was launched within two months, and it is the major achievement of our women. Those women won the cyber war with criminals, and there were over 10,000 of them, according to the Interior Ministry information.

REGNUM: The fact that the galloping inflation slowed down by the end of 1992 should evidently be considered a sign that they managed to fill a gap in the Central Bank protection, shouldn't it?

Yes, it should. But now Andrei Kozlov started investigating why those events became possible from the organizational point of view. He was very intent on the problem of leaks of insider information. Do you remember his statement this year on the colossal downfall of Gazprom shares because of that? Cyber war has to do not only with technical issues, but with who permitted actions like this, and why. When we investigate this, we usually come to the conclusion that the people behind it were not ordinary criminals. It was very well equipped crime led by very competent persons.

REGNUM: Do you have any idea who it can be?

We do not know it. But what we know is that they were very professional. A cyber war cannot be considered accomplished until a thorough analysis is made of how such a system could be created that could be so easily destroyed. When we started the job to protect financial operations of the Central Bank, we saw a system that had so many gaps that it could hardly exist.

REGNUM: And what about the current system? Can we be sure it was created without envisaging theft?

Any system should be modernized and improved constantly. And at the present time, the Central Bank spares no effort on it.
As for general issues of protection of Russian information resources, as before the most attention is paid to protection of strategic information networks, while attacks of cyber terrorism cover the most up-to-date and, first of all, mass communication networks. It is in constant search for gaps in the protection shield. For example, nowadays, one of the most popular ways of cyber crime is collection of personal information. How do hackers penetrate databases? According to information from Kaspersky Laboratory, it is done through tapping phones. It is very easy: say, a system administrator returns home from work, and suddenly he receives a call from the office saying: "Our server is buzzed, tell us the password." He answers, but his phone is tapped. Do not think that hackers are super geniuses. They stake mostly on the human factor: someone wrote down the password somewhere, left the paper visible to everyone; they make money mostly on such things. Of course, they have accomplices inside. As a result, annual losses from cyber attacks total about $100 bln.

Plenty of statements were made by the media on the case of the Kozlov murder saying that it is necessary to do away with crime. Deputy chair of the Russian State Duma Vladimir Zhirinovsky, in an interview to Ekho Moskvy Radio, proposed to increase phone tapping. But none of our governmental officials ever asked themselves a question: do we have reliable personal information protection for each member of the State Duma or for Interior Ministry officers who investigate high-profile crimes? Now and then we hear formidable reports that criminal proceedings were started on a case of an information leak from the investigation of a contract murder, but at the same time we see on TV how very important persons talk on their cell phones from the site of the crime, and I never saw any special cryptographic cell phone with them. Isn't it the main way of information leak?
I think the Russian prosecution should be asked: Are our prosecutors and the investigative bodies that are on the forefront of the fight against terrorism well protected from cyber terrorists? Are they ready for a cyber war or not, like the Central Bank wasn't in its time?

State Duma members do go abroad and use their cell phones there. Contents of their talks and their voices can be easily faked, and forged statements can be released on their behalf. Won't it hurt Russia's prestige? Is the presidential team ready for it? Well, he does not use ordinary means of communication. But what about his personal doctor? And reporters who accompany him? Isn't a cyber terrorist able to compromise some of them, forging someone's voice or somehow else?

We know from mass media about permanent scandals involving unsanctioned tapping of cell phones in some Western countries. For example, in Greece and Italy even the country's leadership was tapped. Do we have guarantees that cyber terrorists will not choose for their attacks officials of the Russian foreign ministry who work abroad? Recently the number of Russian citizens detained abroad after tapping of their phones increased, and the trend is alarming.

Over 140 mln cell phones are now used in Russia; they provide for accessible and convenient connection. There is a special, very reliable subsystem of confidential cellular connection on the basis of the Megafon operator. There is only one analogous system, in the United States. As we know, now it is used mostly by top-ranking governmental officials, although commercial companies can also join the subsystem. What puts limits on the use of it? The answer is simple: the absence of a relatively low-cost crypto smart phone with confidentiality protection. It will make it possible to settle the task of personal information protection for tens of thousands of police officers and civil servants, including those from the foreign ministry.
Why doesn't the State Duma establish a special group to study the question of protection of personal data for Russian civil servants because of the increasing activity of cyber terrorism? The matter is not only technical or economic, but an organizational one. We faced practically the same problem many years ago while creating our coder for the Central Bank, which was 20 times less expensive than analogous coders made by state-run companies. Now, cyber terrorism has been searching for new methods and approaches. Are we ready to withstand its attacks?

REGNUM: Can you cite as examples some countries where the information protection system is built taking into consideration the threats you are talking about?

Russia is on the forefront here as well. We managed to survive the first cyber war, which had no analogs in international practice. The West has not yet felt the grave consequences of cyber terrorists' attacks. I remember an interesting case. Once I told a high-ranking Arab police officer that criminals were installing cameras on cash machines to steal money and that it is necessary to take measures to prevent it. His answer was that it is impossible in a Muslim country, where theft is punished under the Sharia law. A year later cyber criminals stole $11 bln from cash machines with the help of cameras installed on cash machines.

Besides, many Western banks use a very weak bank-client system in terms of protection. In some points it resembles the system of the Central Bank that was successfully hacked by cyber terrorists. Not long ago cyber terrorists started tapping phones of the UK military in Iraq and then called their relatives in Britain. It is very dangerous for families of troops, who are very concerned about their relatives. Well, cyber terrorists can forge any information, which can result in tragic consequences.
The UK authorities can turn to the Russian Interior Ministry and they will be officially notified of facts of racketeering or fraud with the use of cell phones.

Generally, I would say that the West is not very highly concerned with the threat of cyber terrorism. But soon they will feel this threat to its full extent. Most probably, Europeans do not comprehend yet that the situation has started changing. Although, recently I read an interesting article by Magnus Ranstorp, former Director of the Centre for the Study of Terrorism and Political Violence at the University of St Andrews, Scotland, called "Al Qaeda Wages Cyber War against US", where he says that al-Qaeda pays much attention to studying the cyberspace and searching for vulnerable spots in it, and the question is not whether it will wage the war, but when it will do it.

REGNUM: In Russia the cyber war started as early as 1992. Has it finished?

We cannot state it is finished. It is not stable in Chechnya, where signs of cyber war were clearly seen. Of course, cyber terrorists are trying to apply profits earned in a criminal way to economic and political tasks. A very thorough analysis of the situation usually precedes physical conflicts. I have always stressed that Russia should be ready to withstand any cyber attack. Today, in the days of information wars, it is necessary for Russia to have effective mass technical means of protection; the means ought to be made in Russia and not cost much. Unfortunately, I did not see comprehension of this in any statement by any politician.

REGNUM: What do you think, who should create mass systems of information protection, state-run or commercial companies?

Now private companies are doing it under the control of governmental agencies who certify such activity. Private enterprises are already trusted to protect state secrets, although often certification increases the price of their product.